Hacking and Securing Cloud Infrastructure

NEW

2 Days

2020 Edition

This 2-day course cuts through the mystery of Cloud Services (including AWS, Azure and G-Cloud) to uncover the vulnerabilities that lie beneath. We will cover a number of popular services and delve into both what makes them different, and what makes them the same, as compared to hacking and securing a traditional network infrastructure.

Click here to view our March 2020 Free Webinar Recording

Overview Details Prerequisites PDF Upcoming Classes

Class Overview

Whether you are an Architect, Developer, Pentester, Security or DevOps Engineer, or anyone with a need to understand and manage vulnerabilities in a Cloud environment, understanding relevant hacking techniques, and how to protect yourself from them, is critical. This class covers both the theory a well as a number of modern techniques that may be used to compromise various Cloud services and infrastructure.

Course Takeaway

Our own customized version of kali linux with inhouse developed scripts and tools to help with hacking auditing and securing Cloud.

Class Details

Whether you are an Architect, Developer, Pentester, Security or DevOps Engineer, or anyone with a need to understand and manage vulnerabilities in a Cloud environment, understanding relevant hacking techniques, and how to protect yourself from them, is critical. This course covers both the theory a well as a number of modern techniques that may be used to compromise various Cloud services and infrastructure.

Prior pentest / security experience is not a strict requirement, however, some knowledge of Cloud Services and a familiarity with common Unix command line syntax will be beneficial.

Introduction to Cloud Computing

Introduction to cloud and why cloud security matters
Comparison with conventional security models
Shared responsibility model
Legalities around Cloud Pentesting

Enumeration of Cloud environments

DNS based enumeration
OSINT techniques for cloud-based asset

Gaining Entry in Cloud Environment

Serverless based attacks (AWS Lambda / Azure & Google functions)
Web application Attacks
Exposed Service ports

Attacking Specific Cloud Services

Storage Attacks
Azure AD Attacks
Containers and Kubernetes Clusters
IAM Misconfiguration Attacks
Roles and permissions-based attacks
Attacking Cognito misconfigurations

Post - Exploitation

Persistence in Cloud
Post exploit enumeration
Snapshot access
Backdooring the account

Auditing and Benchmarking of Cloud

Preparing for the audit
Automated auditing via tools
Golden Image / Docker image audits
Relevant Benchmarks for cloud

Defense: Identification of cloud assets

Inventory Extraction for AWS, Azure and GCP
Continuous inventory management

Defense: Protection of Cloud Assets

Principle of least privilege
Control Plane and Data Plane Protection
Financial Protections
Metadata API Protection
Cloud specific Protections
Windows / Linux IaaS auditing

Defense: Detection of Security issues

Setting up Monitoring and logging of the environment
Identifying attack patterns from logs
Monitoring in multi-cloud environment

Defense: Response to Attacks

Automated Defense techniques
Cloud Defense Utilities
Validation of Setup

Prerequisites

Who Should Take This Class?

Cloud Administrators, Developers, Solutions Architects, DevOps Engineers, SOC Analysts, Penetration Testers, Network Engineers, security enthusiasts and anyone who wants to take their skills to next level.

Prior Pen Test experience is not a strict requirement, however, some knowledge of Cloud Services and a familiarity with common command line syntax will be greatly beneficial.

Student Requirements

Delegates must bring their own laptop and have admin/root access on it. The laptop must have a virtualization software (virtualbox / VMWare) pre installed. A customized version of Kali Linux (ova format) containing custom tools, scripts and VPN scripts for the class will be provided to the students. The laptop should have at least 4 GB RAM and 20 GB of free disk space dedicated for the VM.

Training Events